Vulnerabilities > Ithemes
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-08-28 | CVE-2015-9372 | Cross-site Scripting vulnerability in Ithemes Membership Membership Add-on for iThemes Exchange before 1.3.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). | 4.3 |
2019-08-28 | CVE-2015-9371 | Cross-site Scripting vulnerability in Ithemes Manual Purchases Manual Purchases Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). | 4.3 |
2019-08-28 | CVE-2015-9370 | Cross-site Scripting vulnerability in Ithemes Invoices Invoices Add-on for iThemes Exchange before 1.4.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). | 4.3 |
2019-08-28 | CVE-2015-9369 | Cross-site Scripting vulnerability in Ithemes Easy US Sales Taxes Easy US Sales Taxes Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). | 4.3 |
2019-08-28 | CVE-2015-9368 | Cross-site Scripting vulnerability in Ithemes Easy EU Value Added (Vat) Taxes Easy EU Value Added (VAT) Taxes Add-on for iThemes Exchange before 1.2.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). | 4.3 |
2019-08-28 | CVE-2015-9367 | Cross-site Scripting vulnerability in Ithemes Easy Canadian Sales Taxes Easy Canadian Sales Taxes Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). | 4.3 |
2019-08-28 | CVE-2015-9366 | Cross-site Scripting vulnerability in Ithemes Custom URL Tracking Custom URL Tracking Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). | 4.3 |
2019-08-28 | CVE-2015-9365 | Cross-site Scripting vulnerability in Ithemes Authorize.Net Authorize.net Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). | 4.3 |
2019-08-28 | CVE-2015-9363 | Cross-site Scripting vulnerability in Ithemes Exchange iThemes Exchange before 1.12.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). | 4.3 |
2018-06-22 | CVE-2018-12636 | SQL Injection vulnerability in Ithemes Security The iThemes Security (better-wp-security) plugin before 7.0.3 for WordPress allows SQL Injection (by attackers with Admin privileges) via the logs page. | 7.2 |